27.10.2014 0:31, Cesar Peschiera пишет: > I guess that your firewall not be functioning optimally if you add the > 130.00 rules in ipset, due to that for each network packet the firewall must > do 130.000 checks. What? Did you mean plain list of single-address rules? Because IPSET [http://ipset.netfilter.org/ipset.man.html] is extremely fast at searching on large lists of addresses.
_______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
